Your bounty program has launched and is clicking along… but are you getting optimal results once the initial excitement wanes? How do you measure and report on program success? How can you build gamification and incentive models that lead to high value vulnerability reports, while discouraging low impact reports that distract your engineers from issues that put customers at risk? And while everyone hopes to never need it, what’s the playbook for handling conflict or vulnerability disclosure situations?
Chloe Brown has spent over a decade passionately crafting connections between community members and development teams. After many years in the gaming industry, Chloe brought her substantial skills for building trusted relationships, facilitating actionable feedback, and creating content for customer acquisition, engagement and retention to the security industry as a Researcher Operations Program Manager for a bug bounty platform in 2016.